Wednesday, March 18, 2015

RHEL7 firewalld caveat

Beware that in RHEL7, iptables is no longer there, and by default you get another root daemon process running a firewall:

/usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

It is explained in detail at http://www.certdepot.net/rhel7-get-started-firewalld/, and see also "man firewall-cmd" for more help. The Red Hat page on firewalls is also worth reading: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html

See also http://www.liquidweb.com/kb/how-to-start-and-enable-firewalld-on-centos-7/ for how to start and stop the service.

So if you waste an hour trying to figure out why you can't connect to the WebLogic console from an external browser, while the WL Server seems to be perfectly configured and functioning... there you are... kill the stinky firewall first, then try to figure out how to open the 7001 port...



Commands I have used:

  • systemctl stop firewalld
  • systemctl start firewalld
  • firewall-cmd --zone=dmz --add-port=2888/tcp --permanent
  • firewall-cmd --reload
  • firewall-cmd --get-services
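
As an added example (not from the original post), the commands above can be wrapped into a script that opens a single port in the zone that is actually in effect and verifies the result, so the firewall can stay running. The helper name open_port, the FWCMD override variable and the use of port 7001 in the usage line are assumptions for illustration.

```shell
#!/bin/bash
# Added example (not from the original post): open one port and verify it,
# instead of leaving firewalld stopped. open_port and FWCMD are hypothetical names.
FWCMD="${FWCMD:-firewall-cmd}"   # assumption: override hook for a different path

open_port() {
    local port="$1"
    local proto="${2:-tcp}"
    local zone="${3:-}"

    # Runtime queries only work while the daemon is up.
    if [ "$($FWCMD --state 2>/dev/null)" != "running" ]; then
        echo "firewalld is not running" >&2
        return 2
    fi

    # A rule only takes effect in the zone bound to the receiving interface.
    # With no zone given, use the default zone (check --get-active-zones if unsure).
    [ -n "$zone" ] || zone="$($FWCMD --get-default-zone)"

    # --query-port exits 0 if the port is already open in the runtime config.
    if $FWCMD --zone="$zone" --query-port="$port/$proto" >/dev/null 2>&1; then
        echo "already open: $port/$proto in zone $zone"
        return 0
    fi

    # --permanent only writes the on-disk config; --reload makes it live.
    $FWCMD --zone="$zone" --add-port="$port/$proto" --permanent >/dev/null || return 1
    $FWCMD --reload >/dev/null || return 1

    # Confirm the runtime config now contains the port.
    $FWCMD --zone="$zone" --query-port="$port/$proto" >/dev/null 2>&1 || return 1
    echo "opened: $port/$proto in zone $zone"
}

# Run only when called with arguments, e.g.: ./open-port.sh 7001 tcp public
if [ "$#" -ge 1 ]; then
    open_port "$@"
fi
```

A port added to a zone that is not bound to the receiving interface (for example dmz when the interface sits in public) leaves the connection blocked, which is why the zone is resolved before the rule is added.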

